package cn.edu.zut.hhr.config;

import cn.edu.zut.hhr.filter.TokenAuthFilter;
import cn.edu.zut.hhr.handler.TokenLogoutHandler;
import cn.edu.zut.hhr.utils.MDUtil;
import cn.edu.zut.hhr.filter.TokenLoginFilter;
import cn.edu.zut.hhr.utils.RedisUtil;
import com.fasterxml.jackson.annotation.JsonAutoDetect;
import com.fasterxml.jackson.annotation.PropertyAccessor;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.jsontype.impl.LaissezFaireSubTypeValidator;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.data.redis.connection.RedisConnectionFactory;
import org.springframework.data.redis.core.RedisTemplate;
import org.springframework.data.redis.serializer.Jackson2JsonRedisSerializer;
import org.springframework.data.redis.serializer.StringRedisSerializer;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.password.PasswordEncoder;

import javax.annotation.Resource;

@Configuration
public class TokenWebSecurityConfig extends WebSecurityConfigurerAdapter {

    @Resource
    RedisUtil redisUtil;

    @Resource(name = "tokenUserDetailsService")
    UserDetailsService userDetailsService;

    @Override
    public void configure(WebSecurity web) throws Exception {
        //不认证的路径
        web.ignoring().mvcMatchers();
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        http.formLogin()
                .loginProcessingUrl("/login")
                .and()
                .logout().logoutUrl("/login/logout").addLogoutHandler(new TokenLogoutHandler(redisUtil))
                .and()
                .authorizeRequests().antMatchers("login/logout").permitAll()
                .and()
                .csrf().disable()
//                .and()
//                .authorizeRequests().antMatchers("/**/admin/**").hasAnyAuthority("admin")
//                .and()
//                .authorizeRequests().antMatchers("/**/staff/**").hasAnyAuthority("admin","staff")
//                .and()
//                .authorizeRequests().antMatchers("/**/login/**").permitAll()
                .addFilter(new TokenAuthFilter(authenticationManager(),redisUtil))
                .addFilter(new TokenLoginFilter(authenticationManager(),redisUtil));
    }

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
        auth.userDetailsService(userDetailsService).passwordEncoder(mDPasswordEncoder());
    }

    @Bean
    PasswordEncoder mDPasswordEncoder(){
        return new PasswordEncoder() {
            @Override
            public String encode(CharSequence charSequence) {
                return MDUtil.MD5(charSequence.toString());
            }

            //密码比较s是加密后的密码
            @Override
            public boolean matches(CharSequence charSequence, String s) {
                return s.equals(MDUtil.MD5(charSequence.toString()));
            }
        };
    }

    @Bean
    @Override
    public AuthenticationManager authenticationManagerBean() throws Exception {
        return super.authenticationManagerBean();
    }



}
